Why Does Your WordPress Site Need A WordPress Malware Scanner ? 

Powering over a third of the all websites on the internet, WordPress is an extremely popular and useful tool for anyone who wants to create and maintain a website. This popularity along with making WordPress extremely feature rich and customisable does come with some drawbacks. Give the popularity of WordPress among both hobbyists and professionals, it has attracted and continues to be the target of choice for hackers and other malicious actors.

In just one month on hacker is reported to have attacked 1 Million different WordPress Sites. These attacks are mostly run scattershot against any and every website that malicious actor can find. Most of these attacks are looking for vulnerabilities present in your site which could be leveraged to gain access to your site. From what we have observed across the past few years, the most common attack vectors through which attackers gain access to a site are:

1. Brute Force Attacks – Here attackers, try to gain access to your WordPress Site by trying hundreds of thousands of combinations of username and passwords.
2. Through Vulnerable Plugins or Themes -Statistically 98% of WordPress vulnerabilities are related to plugins.
3. Through Un-updated versions of WordPress Core – Accounting for 37% of attacks on WordPress Sites.

What do Hackers Do After Gaining Access to your WordPress Site

After getting access to a site through methods listed above, we have observed a pattern that the hackers follow; that has persisted across almost all attacks.

1. They create pages or modify existing ones, including in them links to phishing sites or other malicious content.
2. They install a backdoor into your website, by downloading and installing a malicious plugin on your WordPress instance.
3. They host malicious files, and viruses on your site, using it as a source for their malware campaigns.

Of special note here, is that, these attackers try their hardest to remain undetected by the admins of the website. Most of the time the attackers are only detected after the website has been black listed by Google or after the entire website is flagged as hosting malicious content. This can lead to severe monetary losses to the website, as the websites SEO ranking and reputation takes a big hit.

How Does The WordPress Malware Scanner Plugin Protect Your Website ?

The Malware Scanner plugin, allows you to proactively scan your entire website to find whether there has been a compromise or to check if you are vulnerable to an attack. As most attackers leverage vulnerabilities in plugins to break into a website, the malware scanner plugin maintains a list of plugins and their vulnerabilites, which are then cross checked against the plugins on your WordPress Site. Notifying you if you are using a plugin that may lead to a decrease in your site’s security.

The plugin also scans your entire site looking for any signs of malicious changes or signs of compromise. Cross checking all URLs and outbound links with known blacklists, flagging and notifying you if any such signs of compromise are found

What can the Malware Scanner do?

The Malware Scanner detects any threats/possible threats to the website. The following are the checks our Malware Scanner plugin performs to ensure website security.

Malware Scan:

• Backdoors, trojans, viruses, worms, etc are detected.
• Malicious code snippets are detected using more than 5 million malware signatures updated daily.
• Scan for the presence of any Obfuscated/Encoded malicious code.

Version check & Compare Files

• Check WordPress, plugins and themes version with WordPress.org repository.
• Compare WordPress core, plugins and themes files with the marketplace repository to detect any file changes.
• Detect any changes in the files present in the WordPress plugins and themes folder.

Scan post and comment data

• Scan posts and comments data from databases to detect malware and malicious URLs.

Blacklist URLs

• Detect any URLs in code that are blacklisted for containing malicious or inappropriate content.

Whitelist URLs

• You can whitelist trusted URLs to avoid taking any action if that URL is flagged.

Check vulnerable plugins and themes

• Checks vulnerable plugins and themes and notify them.
• You can remove plugins and themes to enhance security.

Types Of Scans:

We offer a range of options to our users to meet their needs for an optimal and efficient malware scan.

1. 1. Quick Scan: Quick scan is used to scan plugins, themes and core files using malware signatures that are most commonly found. The scan is performed by just one click and needs no configuration.
   2. Standard Scan: The standard scan scans the entire website using more than a million signatures updated on a constant basis to catch Backdoors, trojans, viruses, worms, etc.
   3. Deep Scan: Deep scan, scans the entire website using more than 6.5 million signatures that include signatures retrieved by analysis and research, and are updated on a constant basis. A deep scan is available when you upgrade to the Premium version.
   4. Custom Scan: Custom scan provides configurable options to choose which folders to scan, extensions to skip, etc. A custom scan is suitable when you make changes to only a specific folder/file.